Thursday, December 06, 2018

Re: [update] nginx 1.14.2

Hi

go ahead

On 06/12/18 09:15 +0100, Landry Breuil wrote:
> Hi,
>
> trivial update for 3 CVEs (CVE-2018-16843, CVE-2018-16844 &
> CVE-2018-16845), see http://nginx.org/en/CHANGES-1.14 for
> other changes. Remove a libressl patch merged upstream in
> http://hg.nginx.org/nginx/rev/2cf1d945bbb3
>
> builds and runs locally on amd64.
>
> Landry

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/www/nginx/Makefile,v
> retrieving revision 1.128
> diff -u -r1.128 Makefile
> --- Makefile 27 Nov 2018 14:55:07 -0000 1.128
> +++ Makefile 6 Dec 2018 08:12:05 -0000
> @@ -15,7 +15,7 @@
> COMMENT-perl= nginx perl scripting module
> COMMENT-passenger= nginx passenger (ruby/python/nodejs) integration module
>
> -VERSION= 1.14.1
> +VERSION= 1.14.2
> DISTNAME= nginx-${VERSION}
> CATEGORIES= www
>
> @@ -31,7 +31,6 @@
> PKGNAME-headers_more= nginx-headers-more-${VERSION}
> PKGNAME-perl= nginx-perl-${VERSION}
> PKGNAME-passenger= nginx-passenger-${VERSION}
> -REVISION-perl=0
>
> MASTER_SITES= https://nginx.org/download/
> MASTER_SITES0= https://github.com/simpl/ngx_devel_kit/archive/
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/www/nginx/distinfo,v
> retrieving revision 1.67
> diff -u -r1.67 distinfo
> --- distinfo 10 Nov 2018 08:43:34 -0000 1.67
> +++ distinfo 6 Dec 2018 08:12:05 -0000
> @@ -2,13 +2,13 @@
> SHA256 (lua-nginx-module-v0.10.11.tar.gz) = wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
> SHA256 (naxsi-0.55.3.tar.gz) = CzyV0lB3Lcia2LSeR8HgJMWuLHbAz/pEXp/gXE3RNJU=
> SHA256 (nginx-1.14.0-chroot.patch) = 6dERcspRpgEau5QbXHC+K0r5C9Ogy/df6j8BpYrStL0=
> -SHA256 (nginx-1.14.1.tar.gz) = vwmXQTDA1BwKgR3swXqW7C9Yzci7rLdx3o04yboUpKQ=
> +SHA256 (nginx-1.14.2.tar.gz) = AC2fYVTjMYhqLdTmBlhjycHPgpGul6ElUwhXLAK+l5c=
> SHA256 (nginx-auth-ldap-0.20170725.tar.gz) = gNbM6amHfVHewvhaEc580l7b0tYFwovChofsxWlSKe4=
> SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
> SIZE (headers-more-nginx-module-v0.33.tar.gz) = 28130
> SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
> SIZE (naxsi-0.55.3.tar.gz) = 187416
> SIZE (nginx-1.14.0-chroot.patch) = 8220
> -SIZE (nginx-1.14.1.tar.gz) = 1014040
> +SIZE (nginx-1.14.2.tar.gz) = 1015384
> SIZE (nginx-auth-ldap-0.20170725.tar.gz) = 18457
> SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455
> Index: patches/patch-src_event_ngx_event_openssl_h
> ===================================================================
> RCS file: patches/patch-src_event_ngx_event_openssl_h
> diff -N patches/patch-src_event_ngx_event_openssl_h
> --- patches/patch-src_event_ngx_event_openssl_h 28 Sep 2018 14:36:16 -0000 1.4
> +++ /dev/null 1 Jan 1970 00:00:00 -0000
> @@ -1,20 +0,0 @@
> -$OpenBSD: patch-src_event_ngx_event_openssl_h,v 1.4 2018/09/28 14:36:16 sthen Exp $
> -
> -LibreSSL now has enough of the 1.1 API for nginx
> -
> -Index: src/event/ngx_event_openssl.h
> ---- src/event/ngx_event_openssl.h.orig
> -+++ src/event/ngx_event_openssl.h
> -@@ -34,12 +34,6 @@
> - #define NGX_SSL_NAME "OpenSSL"
> -
> -
> --#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
> --#undef OPENSSL_VERSION_NUMBER
> --#define OPENSSL_VERSION_NUMBER 0x1000107fL
> --

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)